Spring vault does not use the new token after login
I am trying to read secrets from vault using Spring vault cloud. I use a service token type.
In my set-up the max_ttl is set to 1h and ttl to 10 minutes, so the token will be renewed at every 10 minutes till the max_ttl is reached. Once the max_ttl is reached, the token will be dropped/revoked and a new login is performed, receving a new token.
The issue is that when trying to read secrets, the old expired token is still used.
Any idea why this happens?
Using:
- spring-cloud-config-2.2.3
- spring-vault-core-2.2.0
- Kubernetes
Vault audit logs:
The issue does not reproduce anymore as we disable the use of the reactive org.springframework.vault.authentication.ReactiveLifecycleAwareSessionManager in favor of the "classic: one: org.springframework.vault.authentication.LifecycleAwareSessionManager.
For disabling it, we set:
spring.cloud.vault.reactive.enabled=false
- propertySources Shows Empty (Spring Cloud Config)
- Spring boot gateway error - Unable to find RoutePredicateFactory with name path
- EnableEurekaClient import doesn't exist
- Listening to context Refreshed in Spring cloud consul config
- Get k8s namespace inside spring boot application?
- Spring Cloud Dataflow Server - NoSQL / MongoDB Database support
- How to manage multiple .properties files in Spring Boot for different deploying environments?
- SpringBoot-2 application is not loading entries from bootstrap.yml file
- Azure AppConfiguration with Spring Boot 2.5.x
- Spring Boot 3.0.11: java.lang.NoClassDefFoundError: org.springframework.cloud.test.TestSocketUtils
- How to configure SQS endpoint via environment variable in Spring Boot?
- Spring Boot 2.7.18 compatibility issue with spring-cloud
- The import de.codecentric.boot.admin.server.config.EnableAdminServer cannot be resolved
- Using Spring boot/cloud with Amazon AWS lambda does not inject values
- How to intercept Spring Cloud Stream messages?
- Call to service by the gateway is not found
- Spring cloud gateway unable to resolve service id from eureka server
- Spring boot 3 does not load configMap
- Configure CORS policy for Spring Cloud Gateway
- actuator /refresh is not being provided in SpringBoot 2.0.1
- How to POST form-url-encoded data with Spring Cloud Feign
- Cannot resolve symbol 'EnableEurekaClient'
- What's the difference between EnableEurekaClient and EnableDiscoveryClient?
- @RefreshScope seems to ignore Mockito's mocks
- Which Spring Cloud AWS version should be used with Spring Boot 3?
- High memory usage in JVM level - org.springframework.boot.actuate.autoconfigure.metrics.AutoConfiguredCompositeMeterRegistry
- Calling a service name using RestClient, HttpInterfaces and Eureka
- How to disable Spring Cloud Kubernetes in a Maven build
- What is the difference between putting a property on application.yml or bootstrap.yml in spring boot?
- Error starting up Eureka Client with Spring Boot 2.4.1